<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<!-- Legacy IE document-mode hints, kept in their original order. -->
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="X-UA-Compatible" content="IE=9">
<title>A&A Hosting</title>

<!-- Local stylesheet and scripts; load order is unchanged (jQuery, jQuery UI, then the slider plugin). -->
<link rel="stylesheet" href="css/style.css">
<script src="js/jquery.min.js"></script>
<script src="js/jquery-ui.min.js"></script>
<script src="js/jquery.package-slider.js"></script>
</head>

<body>

<!-- START HEADER WRAPER-->
<div id="header-color">
	<div id="header-wrapper">
		<?php require("header.php"); ?>
	</div>
</div>


<div id="page-wrapper">
<?php
// session_start();
require_once("DB_Config.php");
$tbl_name="members";


if(isset($_SESSION['myusername'])==True)
{

	// Shared state for the request handlers and the two views further down.
	// NOTE(review): the enclosing guard only tests that $_SESSION['myusername'] is set. No role
	// check is visible in this file although the handlers below delete and update accounts;
	// confirm that header.php or DB_Config.php limits this page to administrators.
	// NOTE(review): session_start() is commented out above, so the session is presumably
	// started by an included file - verify.
	$filter_flag = ")"; // Closes the "WHERE ( ..." clause of the listing query; a role filter may replace it
	$edit_flag = 0; // 0 = show the user table, 1 = show the edit form
	$tbl_name="members"; // Table name

	// Database handle; the handlers below prepare their statements on $db_connect->db_conn.
	$db_connect = DB_Connection::getInstance();

						//_________________________edit user been pressed_______
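	// "Edit User" pressed: remember the chosen account and switch the page to edit mode.
	if( isset($_POST['edit_user']) )
	{
		// A missing, empty or non-string value means no radio button was selected.
		if(empty($_POST['usrname']) || !is_string($_POST['usrname'])){
			echo "You haven't choose a user to edit<br>";
		}
		else{
			$edit_flag = 1;
			// Keep the raw value here; the edit-mode query further down binds it as a parameter.
			$user_name = $_POST['usrname'];
			// Escape only at output: this is request data and would otherwise be reflected as markup.
			echo "Now you can edit personal data of user ".htmlspecialchars($user_name, ENT_QUOTES, 'UTF-8')."<br>";
		}
	}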
					//________________________delete user been pressed_______
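	// "Delete User" pressed: remove the selected account from `members`.
	// NOTE(review): no anti-CSRF token is checked before this state-changing request.
	// NOTE(review): only `members` is cleaned up; the matching `users` row is left in place -
	// confirm that this is intended.
	if( isset($_POST['delete_user']) )
	{
		// A missing, empty or non-string value means no user was selected.
		if(empty($_POST['usrname']) || !is_string($_POST['usrname'])){
			echo "You haven't choose a user to delete<br>";
		}
		else{
			$edit_flag = 0;
			$user_name = $_POST['usrname'];
			// Escaped copy for the status messages; the raw value goes only to the bound parameter.
			$shown_name = htmlspecialchars($user_name, ENT_QUOTES, 'UTF-8');

			// The username is bound as a parameter. The previous version interpolated it into the
			// SQL text and never passed $param to execute(), so the prepare() gave no protection.
			$sql="DELETE FROM `members` WHERE `username`=?";
			$stmt = $db_connect->db_conn->prepare($sql);
			$param=array($user_name);

			if ($stmt->execute($param)){
				echo $shown_name." have been deleted<br>";
			}
			else{
				echo $shown_name;
				echo "user havent been selected<br>";
			}
		}
	}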
					//________________________update user been pressed_______
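	// "Update" pressed: write the submitted profile fields, password and role for one account.
	// NOTE(review): no anti-CSRF token is checked before this state-changing request.
	if( isset($_POST['update_user']) )
	{
		// A missing, empty or non-string value means no user was selected.
		if(empty($_POST['usrname']) || !is_string($_POST['usrname'])){
			echo "You haven't choose a user to update<br>";
		}
		else{
			$edit_flag = 0;
			$nuser_name = $_POST['usrname'];
			// Absent or non-string fields become '' (what the old string interpolation produced).
			$nfirst_name = (isset($_POST['fname']) && is_string($_POST['fname'])) ? $_POST['fname'] : '';
			$nlast_name = (isset($_POST['lname']) && is_string($_POST['lname'])) ? $_POST['lname'] : '';
			$nemail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
			// NOTE(review): the password is written exactly as submitted, so `members`.`password`
			// appears to hold plaintext. Moving to password_hash() also needs password_verify()
			// in the login code, which is not part of this file.
			$npassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
			$npos = (isset($_POST['pos']) && is_string($_POST['pos'])) ? $_POST['pos'] : '';

			// Accept only the roles the edit form offers, so a hand-built request cannot assign
			// another role (for example 'mng').
			$allowed_roles = array('tch', 'std');

			if (!in_array($npos, $allowed_roles, true)){
				echo "update failed<br>";
			}
			else{
				// Every value is bound. The previous version interpolated the five SET values
				// into the SQL text and bound only the two username placeholders.
				$sql="UPDATE users , members
					  SET
					  `members`.`password`=?,
					  `members`.`priv`=?,
					  `users`.`first_name`=?,
					  `users`.`last_name`=?,
					  `users`.`email`=?
					  WHERE
					  `users`.`username`=? AND `members`.`username`=?";

				$stmt = $db_connect->db_conn->prepare($sql);
				// Order follows the placeholders: the SET columns first, then the username twice.
				$param=array($npassword,$npos,$nfirst_name,$nlast_name,$nemail,$nuser_name,$nuser_name);

				if ($stmt->execute($param)){
					echo htmlspecialchars($nuser_name, ENT_QUOTES, 'UTF-8')." user have been updated<br>";
				}
				else{
					echo "update failed<br>";
				}
			}
		}
	}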
 					//______________________case we want only see users table_______________________


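	// Optional role filter for the listing. Each value completes the "WHERE ( ..." clause below.
	// Only these fixed strings are concatenated into the SQL text; no request data reaches it.
	if( isset($_POST['filter_all']) ) { $filter_flag = ")"; }
	if( isset($_POST['filter_std']) ) { $filter_flag = "and  `members`.`priv`='std')"; }
	if( isset($_POST['filter_tch']) ) { $filter_flag = "and  `members`.`priv`='tch')"; }

	// Listing mode (edit_flag == 0): show the accounts with a radio button for selecting one.
	if ($edit_flag == 0){

		$sql_start="SELECT `users`.`username`, `users`.`first_name`, `users`.`last_name`, `users`.`email`, `members`.`priv` 
			  FROM `members`, `users` 
			  WHERE ( `users`.`username`=`members`.`username`";

		$sql = $sql_start.$filter_flag;	
		$stmt = $db_connect->db_conn->prepare($sql);
		
		if ($stmt->execute()){ 
			// The form now wraps the table. It used to open between <thead> and <tbody>,
			// where a <form> element is not allowed.
?>


				<b>result table</b>

		<form name="delete_user_form" method="post" action="">
		<table id="admin_table" >
		<thead>
			<tr>
				<th></th>
				<th>User Name</th>
				<th>First Name</th>
				<th>Last Name</th>
				<th>E-mail</th>
				<th>Roll</th>
			</tr>
		</thead>
			<?php
			while($row = $stmt->fetch(PDO::FETCH_ASSOC)){
				// Rows with priv 'mng' are not listed.
				if(!($row['priv']=='mng')) {
					// These columns are filled from form input by the update handler, so they are
					// escaped before being written into the page (stored-XSS defence). The radio
					// value is also quoted now; unquoted, a space in the username would end the
					// attribute early.
					$cell_user  = htmlspecialchars((string)$row['username'], ENT_QUOTES, 'UTF-8');
					$cell_first = htmlspecialchars((string)$row['first_name'], ENT_QUOTES, 'UTF-8');
					$cell_last  = htmlspecialchars((string)$row['last_name'], ENT_QUOTES, 'UTF-8');
					$cell_email = htmlspecialchars((string)$row['email'], ENT_QUOTES, 'UTF-8');
					$cell_priv  = htmlspecialchars((string)$row['priv'], ENT_QUOTES, 'UTF-8');
			?>
		<tbody>
			<tr id="row">
				<td><input type="radio" name="usrname" value="<?php echo $cell_user; ?>"></td>
				<td><?php echo $cell_user; ?></td>
				<td><?php echo $cell_first; ?></td>
				<td><?php echo $cell_last; ?></td>
				<td><?php echo $cell_email; ?></td>
				<td><?php echo $cell_priv; ?></td>
			</tr>
		</tbody>
			<?php
				} // end of the non-manager row
			} // end of the row loop
			?>

		</table>

		
		<input  style="font-size:12px" name="edit_user" type="submit"  value="Edit User" class="button"/>
	 	</form>
	 	<form name="filter_user_form" method="post" action="">
	 	<input  style="font-size:12px" name="filter_std" type="submit"  value="only std" class="button"/>
	 	<input  style="font-size:12px" name="filter_tch" type="submit"  value="only tch" class="button"/>
	 	<input  style="font-size:12px" name="filter_all" type="submit"  value="all users" class="button"/>
	 	</form>

		<?php } // end execute if

		else{

		echo "Table Error<br>";
		}	

	} //end edit_flag==0 if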
		 

 					//__________________________________case we in edit mode_______________________
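// Edit mode (edit_flag == 1): load the chosen account and show it in an editable form.
if ($edit_flag == 1){
		// The username is bound as a parameter, never interpolated into the SQL text.
		$sql="SELECT `users`.`username`, `users`.`first_name`, `users`.`last_name`, `users`.`email`, `members`.`password` , `members`.`priv`
			  FROM `members`, `users`
			  WHERE ( `users`.`username`=`members`.`username`) AND  (`users`.`username`= ? )";

		$stmt = $db_connect->db_conn->prepare($sql);
		$param=array($user_name);

		if ($stmt->execute($param)){

			$row = $stmt->fetch(PDO::FETCH_ASSOC);

			// fetch() returns false when no account matches; do not build the form from it.
			if ($row === false){
				echo "user havent been selected<br>";
			}
			else{
				// Stored values are written into attribute values below, so escape them first
				// (stored-XSS defence; the values originate from form input).
				$f_user  = htmlspecialchars((string)$row['username'], ENT_QUOTES, 'UTF-8');
				$f_first = htmlspecialchars((string)$row['first_name'], ENT_QUOTES, 'UTF-8');
				$f_last  = htmlspecialchars((string)$row['last_name'], ENT_QUOTES, 'UTF-8');
				$f_email = htmlspecialchars((string)$row['email'], ENT_QUOTES, 'UTF-8');
				// NOTE(review): the stored password is sent back to the browser in a visible text
				// field, which only works because the column appears to hold plaintext. Changing
				// that needs a matching change to the login code, which is not in this file.
				$f_pass  = htmlspecialchars((string)$row['password'], ENT_QUOTES, 'UTF-8');
				// The malformed style="maxlength=..." attributes were removed. They never took
				// effect, so no length limit is added or lost here.
?>

		<div class="subjects">
        <div class="colReg" >
            <ul>
                <li class="register">User Name:</li>
                <li class="register">First Name:</li>
                <li class="register">Last Name:</li>
                <li class="register">E-mail address:</li>
                <li class="register">Password:</li>
                <li class="register">User Position:</li>

            </ul>
        </div>
        <form name="edit_user_form" method="post" action="">
        <div class="colReg" >
            <ul class="regBull">
                <li><input type="text" class="input" id="username" name="usrname" readonly  value="<?php echo $f_user; ?>"></li>
                <li><input type="text" class="input" id="fname" name="fname"  value="<?php echo $f_first; ?>"></li>
                <li><input type="text" class="input" id="lname" name="lname"  value="<?php echo $f_last; ?>"></li>
                <li><input type="text" class="input" id="email" name="email"  value="<?php echo $f_email; ?>"></li>
                <li><input type="text" class="input" id="password" name="password"  value="<?php echo $f_pass; ?>"></li>
<?php
				// Pre-select the option whose value equals the stored role. The old checks compared
				// against "usr"/"mng", which match neither option value, so the first option was
				// always submitted unless changed by hand.
				// NOTE(review): the labels "Usr"/"Mng" do not obviously correspond to the values
				// tch/std - confirm the intended wording.
?>
            	 <li> <select required name="pos" class="input" > 
            	 		<option value="tch" <?php if( $row['priv']== "tch"){?> selected <?php } ?> > Usr </option> 
            	 		<option value="std"<?php if( $row['priv']== "std"){?> selected <?php } ?> > Mng </option> 
            	 	</select> </li>
            </ul>
            
            
        </div>

		<input  style="font-size:12px" name="delete_user" type="submit"  value="Delete User" class="button"/> 
		<input  style="font-size:12px" name="update_user" type="submit"  value="Update" class="button"/>
	</form>
	</div>
	<?php
			} // end of the row-found branch
		} // end execute if
}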
}?>



<!-- END CONTENT WRAPER-->
</div>

<!-- START FOOTER WRAPER-->
<p><?php require("footer.php"); ?></p>
</body>
</html>